Book Review: Digital Evidence and Criminal Investigations: Mapping the Current State of Research and Applicable Law in a Rapidly Evolving Field

Over a decade ago, the issue of cross-border access to electronic/digital evidence gave rise to significant legal controversy. One example is the Yahoo! case in Belgium, which concerned the legality of a request by a Belgian prosecutor seeking to identify the user of a Yahoo account. ² On the other side of the Atlantic, in the Microsoft case, U.S. authorities had demanded that Microsoft provide information, but the company refused on the grounds that these data were located abroad and therefore required a request for judicial cooperation. The case, which reached the U.S. Supreme Court, ³ was resolved with the adoption of the famous Cloud Act, which was specifically designed to address this type of difficulty. ⁴ While these two cases-now old but revealing of the difficulties posed by accessing evidence in a digital, sometimes called “un-territorial” ⁵ world-are behind us, they had the merit of drawing attention to numerous stimulating issues. At the European level, this notably led to the adoption of the e-evidence package, which in turn generated further questions and controversies. ⁶

These controversies piqued the interest of Vanessa Franssen and Stanislaw Toza, who led a research project on “digital evidence in criminal investigations.” Their goal was to highlight the legal and technological difficulties and challenges associated with the collection (and use) of digital evidence. It should be noted that, while the term “digital evidence” refers broadly to the “new” challenges that digital developments pose for criminal investigations, it in fact encompasses a wide range of issues that go well beyond the specific problem of transnational cooperation between national public authorities and foreign service providers.

This book sets out to address all of these issues and is divided into several parts.

The first part is devoted to transversal challenges and solutions related to digital evidence. The first chapter, “Impact of Digital Evidence Gathering on the Criminal Justice System: A Broader Perspective” (Anže Erbežnik), places the issue of digital evidence within the European context. It highlights the diversity of projects pursued by the European Union, as expressed in particular by the EU Security Union Strategy, while emphasizing key issues—especially the right to privacy—and lamenting the insufficient attention currently given to them. This is even more important since the release of the new European Internal Security Strategy, which came after the book was published in 2025.

The second chapter, “Unresolved Jurisdictional Issues in Law Enforcement Access to Data” (Dan Svantesson ⁷ and Anna-Maria Osula), provides an overview of years of discussions surrounding a fundamental question regarding the meaning of sovereignty in our world. The general rules of judicial cooperation in criminal matters are historically based on the principle of territoriality. A state may only carry out investigative measures within its own territory. How can this principle be adapted when investigations take place online and/or involve private actors whose activities extend far beyond national borders?

The third chapter, “Effective Data Protection and Direct Cooperation on Digital Evidence” (Gavin Robinson), clarifies and conceptualizes the range of issues raised by direct cooperation between public and private actors from a data protection perspective. Among the complex issues that arise, we should notably mention the difficulty of coordinating between different types of actors (public/private, controller/processor) and between different legal frameworks (GDPR/Law Enforcement Directive, coercive request/voluntary cooperation).

The fourth chapter, “On Encryption Technologies and Potential Solutions for Lawful Access” (Cyprien Delpech de Saint Guilhem), delves into the technical details of one of the major issues raised by digital evidence: the question of encryption. The author addresses the technical challenge—a major one for the coming years—of reconciling two key interests. On the one hand, service providers use encryption mechanisms to ensure the confidentiality and security of communications. On the other hand, public authorities need to have legal means of accessing encrypted data, even though service providers may be unable to cooperate with public authorities seeking access to such data due to the implementation of end-to-end encryption.

In Chapter 5 (Admissibility of Digital Evidence), Giulia Lasagni explores the issues surrounding the use of electronic data as evidence. She reviews general evidentiary issues such as reliability and applies them to the specific context of digital data. She emphasizes the critical importance of technical standards in this area and engages in a discussion on the admissibility of evidence in a transnational context, noting that EU law has paid very little attention to the issue of evidence admissibility and that the European Court of Justice and the European Court of Human Rights have, to some extent, provided certain considerations to be taken into account. In this area, it is worth noting that the European Law Institute has proposed a draft directive for the European Union, which could not be incorporated into this analysis in time. ⁸

In Chapter 6, “Exchange of Data Between National Security Agencies and Law Enforcement-Challenges for Criminal Procedure” (Tatiana Tropina), the author explores the traditional yet still unresolved issue of the interactions and growing confusion between the collection of data and intelligence by national security agencies on the one hand and the collection of evidence by criminal investigative authorities on the other. She notes that this issue-characterized by the risk of circumventing the safeguards inherent in criminal proceedings when evidence originates from intelligence services-is becoming increasingly acute with the rise of digital evidence.

In Chapter 7, “From Mutual Trust to the Gordian Knot of Notifications” (Theodore Christakis), and Chapter 8, “Moving in the Right Direction for Transborder Access to Digital Evidence in Criminal Matters” (Angela Leonor Aguinaldo and Paul de Hert), the authors examine recent developments aimed at regulating transnational access to data, at the European Union level on the one hand, and at the Council of Europe level on the other. These chapters provide a detailed examination of the development of the two major European initiatives on this issue: the “e-evidence” package on the one hand, and the Second Additional Protocol introducing direct cooperation mechanisms-which supplements the 2001 Cybercrime Convention-on the other. These two chapters address the various issues that arose and the trade-offs that had to be made. In particular, they address several fundamental questions, including the future of traditional principles of international criminal law, such as dual criminality and ne bis in idem, and the respect for the fundamental rights of the individuals concerned, and the issues related to notifying the measure to the states concerned by the measure.

The second part of the book is a comparative legal analysis of seven European Union member states. The choice of countries is based on several criteria (geographic diversity, diversity in legal families, degree of digitalization. . .). It is worth noting that the Member States that have raised the most questions regarding cross-border access are included, namely Belgium and Ireland. All chapters are structured in the same way, and this structure is replicated in the comparative chapter (Chapter 16, “A Comparative Analysis of National Law and Practices: Unraveling Differences in View of EU-Wide Solutions,” written by the editors of the book). This second part demonstrates that, even within the EU, approaches to issues of digital evidence are extremely fragmented. The confusion is primarily terminological, insofar as, generally speaking, the definition of digital evidence is not provided for by law in any of the European states included in the comparison. There is no harmonization regarding the legal framework for investigative measures used to collect digital evidence. Some national legal systems have modernized their legal frameworks, while others continue to apply traditional rules. Furthermore, there is no consistency regarding how to classify or categorize data (should we refer to computer data or digital data?; how should we distinguish between subcategories of data?; should we distinguish between data in transit and stored data?).

A comparative analysis of EU Member States’ legal frameworks governing cooperation with foreign service providers also reveals a complete lack of harmonization at the time the e-evidence package was adopted. Is it possible to localize investigative measures targeting foreign service providers due to their presence on the territory of a Member State (“domestication”)? How should this cooperation be legally framed: should it be voluntary or mandatory? If it is mandatory, what type of procedure should be used (traditional search, general or special production order)? What safeguards should be provided? What sanctions should apply in the event of non-cooperation? These issues were not subject to any harmonization, even at the level of EU Member States.

A particularly important issue is the personal scope of application of the existing texts or practices imposing obligations to cooperate with the private sector at the national level. While the editors quite legitimately expected to find a certain degree of consistency because of the existence of European legal standards distinguishing between different types of entities (electronic communication services, providers of information society services, etc.), this terminology is not reflected in the same way in national criminal procedure. This raises the question of how electronic or digital evidence should be defined, given that only certain actors are covered by national and now EU law—most notably excluding financial actors, who nonetheless also hold “digital evidence.” ⁹

The third part of the book offers a global perspective by examining countries outside the EU. The chapter on the United States was both necessary and long-awaited to highlight the external viewpoint-that of the country where most service providers originate. Similarly, the inclusion of a chapter on the United Kingdom comes as no surprise, given how close the ties between the EU and its former member state still are. On the other hand, the chapters devoted to other countries (China, Russia, and Turkey) offer truly different and particularly noteworthy perspectives. In the conclusion, the editors use the term “totalitarian regimes” in reference to one of them, hinting at the existence of two major models for regulating digital evidence: that of democratic states on the one hand and that of totalitarian states on the other. ¹⁰ Although there is no chapter comparing the legal frameworks of these third countries or trying to conceptualize models, one should mention the most striking commonality between Russia, China, and Turkey: they all (unlike others) impose data localization requirements.

One of the book’s greatest merits is that it highlights the complexity of certain cross-cutting issues, in particular the indispensable role of the private sector. As one contribution explains, recent developments have blurred the “lines between the private sector and law enforcement.” ¹¹ The book also underscores the need to examine more closely and further develop specific issues. In addition to growing data protection requirements and the difficulties associated with cooperation with foreign actors, another obstacle has emerged for investigators: the increasing use of encryption by both legitimate and illicit actors. The European Union now appears to be on the verge of proposing solutions aimed at addressing these challenges, as announced in the Concluding Report of the High-Level Group on access to data for effective law enforcement at the end of 2024. While this suggests that some parts of the book will quickly become outdated, it also highlights the fact that it would be of great interest to anyone seeking a better understanding of the major issues surrounding the subject (journalists, academics, policymakers, and ordinary citizens).

Looking ahead, one may express some skepticism as to whether the term “digital evidence” will remain a useful framework for future research. The editors acknowledge in their conclusion that this notion is widely used in legal scholarship, despite the absence of a clear legal definition. ¹² One may also argue that the term tends to conflate a range of distinct issues (sovereignty, data protection, encryption, public-private cooperation, etc.) which, although all related to data, may benefit from being analyzed separately. The book makes a very valuable contribution by mapping the numerous questions and challenges ahead and will certainly open up multiple lines of inquiry that are linked to digital evidence but cannot be fully understood through that lens alone.